%20Data%20Allegedly%20Leaked%20by%20Threat%20Actors%20on%20Hackers%20Forums.webp?w=1600&resize=1600,900&ssl=1 "400GB of X (Twitter) Data Allegedly Leaked")
A massive data leak, potentially the largest social media breach ever, reportedly exposes 400GB of data from roughly 2.87 billion Twitter (X) user accounts.
The breach was first reported on March 28, 2025, by a user known as “ThinkingOne” on the infamous Breach Forums, who claims the data was stolen by a disgruntled employee during a period of mass layoffs at the company.
Breach Details and Data Compilation
ThinkingOne claims to have merged this newly leaked dataset with records from a previous January 2023 breach that affected approximately 209 million Twitter users.
The result is a single 34GB CSV file (9GB when compressed) containing 201,186,753 entries of users whose screen names appeared in both breaches.
“I tried contacting X via several methods with no response,” stated ThinkingOne, explaining their decision to publicly release the information after claiming the company ignored their warnings.
According to their investigation, the information appears legitimate, though they could not confirm if all email addresses belong to the associated accounts.
Extensive Twitter (X) User Profile Data Leak
According to Cyber Press report, the leaked dataset contains extensive profile metadata, including:
- Account creation dates
- User IDs and screen names
- Profile descriptions and URLs
- Location and time zone settings
- Display names (current and from 2021)
- Followers count from both 2021 and 2025
- Tweet count and timestamps of last tweets
- Source of the last tweet (such as TweetDeck or X Web App)
- Status settings (verified or protected profiles)
While the 2023 breach contained email addresses, the 2025 leak notably lacks this sensitive information. However, when merged, the dataset presents a comprehensive view of user profiles.
The breach files appear to be structured in a standardized CSV format, similar to how data could be extracted using API tools like Tweepy.
Further investigation by Cyber Press uncovered 165 related files, including multiple compressed CSV files dated January 24, 2025, with sizes ranging from 361MB to 376MB each.
The scope of this breach is unprecedented. With X reporting approximately 335.7 million users as of January 2025, the claim of 2.87 billion records is puzzling.
Experts suggest the dataset may include historical accounts, deleted profiles, and other non-active entities stored in X’s systems.
As of April 1, 2025, X has not officially acknowledged the breach. The potential impact depends on whether additional sensitive information was exposed beyond what’s currently known.
If authentic, this incident would represent the second-largest data breach in history, surpassed only by the National Public Data breach of 3.1 billion records.
For X users, the exposure of detailed profile information increases the risks of targeted phishing attacks and identity impersonation, even without email addresses being directly compromised in the latest leak.
Investigate Real-World Malicious Links & Phishing Attacks With Threat Intelligence Lookup - Try for Free
This article was originally published by a cybersecuritynews.com . Read the Original article here. .